This section details the supported features and the points that you should note when you work in a heterogeneous environment in Network Security Platform 7.1.
If this upgrade involves 5.1 Sensors, note that from release 6.0, the names of some features have been changed for a better user experience. There are also many functional changes since release 6.0. All this information is available in the latest 6.1 McAfee Network Security Platform Upgrade Guide, which you need to review carefully before you begin your 7.1 upgrade.
• In a 7.1 heterogeneous environment, you need a 7.1 NAC Sensor to implement OOB NAC. For Standard Inline and DHCP Inline deployments, you can use a 6.1 or 7.0 Sensor.
If you had implemented OOB NAC in 6.1, you need to reconfigure OOB NAC in 7.1. The method of configuring OOB NAC in release 7.1 is vastly different from that in any of the earlier releases. For example, NAC policies are replaced by NAC rules. Also, OOB NAC enforcement is greatly enhanced in 7.1. For example, the Sensor can convert the NAZ to RADIUS ACLs and apply them on the access port. These enhancements have made OOB NAC a simple yet powerful way to enforce hosts. However, because of such major changes, the 7.1 version is not compatible with 6.1.5.x with respect to OOB NAC only. Therefore, a 7.1 Manager cannot manage a 6.1 N-series Sensor with respect to OOB NAC.
• In release 7.0 and above, the IPS policy applied at a Sensor level is referred to as the baseline IPS policy. You can customize exploit and DoS attacks of this policy for specific interfaces and sub-interfaces. This customization applies only to that interface or sub-interface, and such customized policies are referred to as local IPS policies. For 6.1 Sensor interfaces and sub-interfaces, only the DoS-attack customizations are applied and the exploit-attack customizations are not. In the Manager, you are allowed to customize the exploit attacks even for 6.1 Sensor interfaces and sub-interfaces. However, these customizations are not applied on the Sensor resources when you do a configuration update.
• In Network Security Platform 7.0 and above, the ACL feature is referred to as Firewall; see Note regarding ACLs. Also, note that the advanced Firewall policies are available only for M-series Sensors on 7.0 or above; classic Firewall policies are available for M-series and I-series Sensors on 6.1, 7.0, or 7.1.
• The application identification feature is available only for M-series Sensors on 7.0 or above.
• The stateless access rule, which is a type of Firewall access rule, is available only for M-series Sensors on 7.1 or above.
Manager and Central Manager enhancements
• The connection limiting policy feature is available only for M-series Sensors running on 7.x software.
• From release 7.0, there is a set of protection options available at the interface and sub-interface levels. On a 7.x Manager, go to IPS Settings | Sensor name | Interface or sub-interface name | Protection Profile to view these options. The availability of these options depends on the Sensor model and its software version as explained below. If an option is not available, you can hover over that option to see the reason.
Figure 6-1 Availability of protection options
• Advanced Botnet Detection: This is available to I-series and M-series Sensors on 7.0 or above.
• Advanced Traffic Inspection: This is available to I-series and M-series Sensors on 7.0 or above.
• File Reputation - Custom Fingerprints: This is available for M-series on 6.1 and above. However, for 6.1 Sensors, it is available only at the Sensor level.
• File Reputation - GTI Fingerprints: This is available for M-series on 6.1 and above. However, for 6.1 Sensors, it is available only at the Sensor level.
• Heuristic Web Application Server Protection: This is available only for M-series Sensors on 7.0 or above.
• HTTP Response Scanning: This is available for I-series and M-series on 6.1 and above. However, for 6.1 Sensors, it is available only at the Sensor level.
• IP Reputation: This is available only for M-series Sensors on 7.0 or above.
• Layer 7 Data Collection: This is available only for M-series Sensors on 7.0 or above.
• Simulated Blocking: This is available only for I-series and M-series Sensors on 7.1 or above.
• X-Forwarded-For (XFF) Header Parsing: This is available only for M-series Sensors on 7.0 or above.
• The hitless reboot feature is available only for M-3050, M-4050, M-6050, and M-8000 Sensors on 7.0 or above.
• The Misc tab (Device List | Sensor name | Misc) is available only for Sensors on 7.0 or above.
• Proxy Server: Available only for M-series Sensors on 7.0 or above.
• DNS Setting: Available only for M-series Sensors on 7.0 or above.
• Time Zone: Available only for M-series Sensors on 7.0 or above.
• NTP Server: Available for both M-series and I-series on 6.1.5 and 7.1 or above (not available for 7.0).
• CLI Auditing: Available for both M-series and I-series on 6.1.5 and 7.1 or above (not available for 7.0).
• Packet Capturing: This feature is available only for M-series Sensors. In case of 6.1 Sensors, you can capture packets only in the port mode. In case of Sensors on 7.0 and above, you can capture packets in the port or file mode.
• The Snort Rule Validation utility validates Snort rules only for M-series Sensors on 7.0 or above.